diff options
author | lloyd <[email protected]> | 2010-11-29 22:52:17 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-11-29 22:52:17 +0000 |
commit | 0e41e0e8d441ff907f092c718db650cda06e2e1a (patch) | |
tree | 8c0df20500bdf601d4378a6000923501a48ad1f3 | |
parent | 5d4621b745ac529c7df6c4d91e4d2b68bd0325e4 (diff) | |
parent | 65ab36776317f73ddf0f2d3bd6c1c7e35608962f (diff) |
propagate from branch 'net.randombit.botan' (head fc8daa606ab7954eab48778d7236986747b719e4)
to branch 'net.randombit.botan.c++0x' (head 2bf71b0a2e0e468d7eb3631e4ca284234f554729)
32 files changed, 393 insertions, 364 deletions
diff --git a/checks/bench.cpp b/checks/bench.cpp index 8502d0232..af61d2edd 100644 --- a/checks/bench.cpp +++ b/checks/bench.cpp @@ -149,6 +149,18 @@ void report_results(const std::string& algo, std::cout << algo; +#if defined(__SUNPRO_CC) + #define REVERSE_ITERATOR_BUG 1 +#elif defined(__GNUC__) && __GNUC__ <= 3 + #define REVERSE_ITERATOR_BUG 1 +#elif defined(__GNUC__) && (__GNUC__ == 4 && __GNUC_MINOR__ == 0) + #define REVERSE_ITERATOR_BUG 1 +#endif + +#ifndef REVERSE_ITERATOR_BUG + #define REVERSE_ITERATOR_BUG 0 +#endif + #if (defined(__GNUC__) && __GNUC__ <= 3) || defined(__SUNPRO_CC) // Work around GCC 3.x bug, reverse iterators don't work for(std::map<double, std::string>::const_iterator i = results.begin(); i != results.end(); ++i) diff --git a/configure.py b/configure.py index 0bd2a3b9a..d34f26277 100755 --- a/configure.py +++ b/configure.py @@ -45,9 +45,9 @@ class BuildConfigurationInformation(object): version_minor = 9 version_patch = 11 version_so_patch = 11 - version_suffix = '-dev' + version_suffix = '' - version_datestamp = None + version_datestamp = 20101129 version_string = '%d.%d.%d%s' % ( version_major, version_minor, version_patch, version_suffix) diff --git a/doc/api.tex b/doc/api.tex index ffcc82c53..79c090c2a 100644 --- a/doc/api.tex +++ b/doc/api.tex @@ -2078,7 +2078,7 @@ additionally keyed. Both of these are derived from the base class \type{BufferedComputation}, which has the following functions. \noindent -\type{size_t} \function{output\_length}() +\type{size\_t} \function{output\_length}() Return the size of the output of this function. diff --git a/doc/building.tex b/doc/building.tex index 36a9f1140..7164f74eb 100644 --- a/doc/building.tex +++ b/doc/building.tex @@ -149,6 +149,19 @@ order for new shared libraries to be picked up by the linker. An alternative is to set your \texttt{LD\_LIBRARY\_PATH} shell variable to include the directory that the Botan libraries were installed into. +\subsection{Mac OS X} + +In general the Unix instructions above should apply, however OS X does +not support \texttt{LD\_LIBRARY\_PATH}. Thomas Keller suggests instead +running \verb|install_name_tool| between building and running the +self-test program: + +\begin{verbatim} + $ VERSION=1.9.10 + $ install_name_tool -change $(otool -X -D libbotan-$VERSION.dylib) \ + $PWD/libbotan-$VERSION.dylib check +\end{verbatim} + \subsection{MS Windows} If you don't want to deal with building botan on Windows, check the diff --git a/doc/credits.txt b/doc/credits.txt index 63ceae483..fde877e7b 100644 --- a/doc/credits.txt +++ b/doc/credits.txt @@ -1,20 +1,17 @@ - This is the credits file of people that have contributed to Botan. It uses - the same format as the Linux credits file. Please keep it sorted by last - name. - - The fields are: - N - name - E - email - W - web URL - P - PGP fingerprint - D - description - S - meatspace location +This is at least a partial credits-file of people that have +contributed to the Botan project. It is sorted by name and formatted +to allow easy grepping and beautification by scripts. The fields are: +name (N), email (E), web-address (W), PGP key ID and fingerprint (P), +description (D), and snail-mail address (S). + +Thanks, + Jack Lloyd ---------- -N - Charles Brockman -W - http://www.securitygenetics.com/ -D - documentation editing -S - Oregon, USA +N: Charles Brockman +W: http://www.securitygenetics.com/ +D: documentation editing +S: Oregon, USA N: Martin Doering diff --git a/doc/examples/dsa_kgen.cpp b/doc/examples/dsa_kgen.cpp index e949ae54a..fe3157370 100644 --- a/doc/examples/dsa_kgen.cpp +++ b/doc/examples/dsa_kgen.cpp @@ -2,22 +2,10 @@ * (C) 2009 Jack Lloyd * * Distributed under the terms of the Botan license -*/ - - -/** -Generate a 1024 bit DSA key and put it into a file. The public key -format is that specified by X.509, while the private key format is -PKCS #8. - -The domain parameters are the ones specified as the Java default DSA -parameters. There is nothing special about these, it's just the only -1024-bit DSA parameter set that's included in Botan at the time of -this writing. The application always reads/writes all of the domain -parameters to/from the file, so a new set could be used without any -problems. We could generate a new set for each key, or read a set of -DSA params from a file and use those, but they mostly seem like -needless complications. +* +* Generate a 1024 bit DSA key and put it into a file. The public key +* format is that specified by X.509, while the private key format is +* PKCS #8. */ #include <iostream> diff --git a/doc/examples/new_engine.cpp b/doc/examples/new_engine.cpp index 4a2339bef..42e5dbe33 100644 --- a/doc/examples/new_engine.cpp +++ b/doc/examples/new_engine.cpp @@ -39,7 +39,8 @@ class XOR_Cipher : public StreamCipher void key_schedule(const byte key[], size_t length) { - mask.set(key, length); + mask.resize(length); + copy_mem(&mask[0], key, length); } SecureVector<byte> mask; diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp index 854cb3b28..10ead20cc 100644 --- a/doc/examples/tls_client.cpp +++ b/doc/examples/tls_client.cpp @@ -15,6 +15,22 @@ using namespace Botan; #include <iostream> #include <memory> +class Client_TLS_Policy : public TLS_Policy + { + public: + bool check_cert(const std::vector<X509_Certificate>& certs) const + { + for(size_t i = 0; i != certs.size(); ++i) + { + std::cout << certs[i].to_string(); + } + + std::cout << "Warning: not checking cert signatures\n"; + + return true; + } + }; + int main(int argc, char* argv[]) { if(argc != 2 && argc != 3) @@ -37,7 +53,7 @@ int main(int argc, char* argv[]) std::auto_ptr<Botan::RandomNumberGenerator> rng( Botan::RandomNumberGenerator::make_rng()); - TLS_Policy policy; + Client_TLS_Policy policy; TLS_Client tls(std::tr1::bind(&Socket::read, std::tr1::ref(sock), _1, _2), std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2), diff --git a/doc/examples/tls_server.cpp b/doc/examples/tls_server.cpp index e45a24759..91bb9ffbf 100644 --- a/doc/examples/tls_server.cpp +++ b/doc/examples/tls_server.cpp @@ -19,6 +19,21 @@ using namespace Botan; #include <iostream> #include <memory> +class Server_TLS_Policy : public TLS_Policy + { + public: + bool check_cert(const std::vector<X509_Certificate>& certs) const + { + for(size_t i = 0; i != certs.size(); ++i) + { + std::cout << certs[i].to_string(); + } + + std::cout << "Warning: not checking cert signatures\n"; + + return true; + } + }; int main(int argc, char* argv[]) { @@ -44,7 +59,7 @@ int main(int argc, char* argv[]) Unix_Server_Socket listener(port); - TLS_Policy policy; + Server_TLS_Policy policy; while(true) { diff --git a/doc/examples/x509info.cpp b/doc/examples/x509info.cpp index 52cc4afbd..b22b4ebd8 100644 --- a/doc/examples/x509info.cpp +++ b/doc/examples/x509info.cpp @@ -7,48 +7,9 @@ #include <botan/botan.h> #include <botan/x509cert.h> -#include <botan/oids.h> using namespace Botan; #include <iostream> -#include <iterator> -#include <algorithm> - -namespace { - -std::string to_hex(const SecureVector<byte>& bin) - { - Pipe pipe(new Hex_Encoder); - pipe.process_msg(bin); - if(pipe.remaining()) - return pipe.read_all_as_string(); - else - return "(none)"; - } - -void do_print(const std::string& what, - const std::vector<std::string>& vals) - { - if(vals.size() == 0) - return; - - std::cout << " " << what << ": "; - std::copy(vals.begin(), vals.end(), - std::ostream_iterator<std::string>(std::cout, " ")); - std::cout << "\n"; - } - -void do_subject(const X509_Certificate& cert, const std::string& what) - { - do_print(what, cert.subject_info(what)); - } - -void do_issuer(const X509_Certificate& cert, const std::string& what) - { - do_print(what, cert.issuer_info(what)); - } - -} int main(int argc, char* argv[]) { @@ -63,89 +24,7 @@ int main(int argc, char* argv[]) try { X509_Certificate cert(argv[1]); - std::cout << "Version: " << cert.x509_version() << std::endl; - - std::cout << "Subject" << std::endl; - do_subject(cert, "Name"); - do_subject(cert, "Email"); - do_subject(cert, "Organization"); - do_subject(cert, "Organizational Unit"); - do_subject(cert, "Locality"); - do_subject(cert, "State"); - do_subject(cert, "Country"); - do_subject(cert, "IP"); - do_subject(cert, "DNS"); - do_subject(cert, "URI"); - do_subject(cert, "PKIX.XMPPAddr"); - - std::cout << "Issuer" << std::endl; - do_issuer(cert, "Name"); - do_issuer(cert, "Email"); - do_issuer(cert, "Organization"); - do_issuer(cert, "Organizational Unit"); - do_issuer(cert, "Locality"); - do_issuer(cert, "State"); - do_issuer(cert, "Country"); - do_issuer(cert, "IP"); - do_issuer(cert, "DNS"); - do_issuer(cert, "URI"); - - std::cout << "Validity" << std::endl; - - std::cout << " Not before: " << cert.start_time() << std::endl; - std::cout << " Not after: " << cert.end_time() << std::endl; - - std::cout << "Constraints" << std::endl; - Key_Constraints constraints = cert.constraints(); - if(constraints == NO_CONSTRAINTS) - std::cout << "No constraints" << std::endl; - else - { - if(constraints & DIGITAL_SIGNATURE) - std::cout << " Digital Signature\n"; - if(constraints & NON_REPUDIATION) - std::cout << " Non-Repuidation\n"; - if(constraints & KEY_ENCIPHERMENT) - std::cout << " Key Encipherment\n"; - if(constraints & DATA_ENCIPHERMENT) - std::cout << " Data Encipherment\n"; - if(constraints & KEY_AGREEMENT) - std::cout << " Key Agreement\n"; - if(constraints & KEY_CERT_SIGN) - std::cout << " Cert Sign\n"; - if(constraints & CRL_SIGN) - std::cout << " CRL Sign\n"; - } - - std::vector<std::string> policies = cert.policies(); - if(policies.size()) - { - std::cout << "Policies: " << std::endl; - for(u32bit j = 0; j != policies.size(); j++) - std::cout << " " << policies[j] << std::endl; - } - - std::vector<std::string> ex_constraints = cert.ex_constraints(); - if(ex_constraints.size()) - { - std::cout << "Extended Constraints: " << std::endl; - for(u32bit j = 0; j != ex_constraints.size(); j++) - std::cout << " " << ex_constraints[j] << std::endl; - } - - std::cout << "Signature algorithm: " << - OIDS::lookup(cert.signature_algorithm().oid) << std::endl; - - std::cout << "Serial: " - << to_hex(cert.serial_number()) << std::endl; - std::cout << "Authority keyid: " - << to_hex(cert.authority_key_id()) << std::endl; - std::cout << "Subject keyid: " - << to_hex(cert.subject_key_id()) << std::endl; - - X509_PublicKey* pubkey = cert.subject_public_key(); - std::cout << "Public Key:\n" << X509::PEM_encode(*pubkey); - delete pubkey; + std::cout << cert.to_string(); } catch(std::exception& e) { diff --git a/doc/log.txt b/doc/log.txt index c8c9a477e..6ec755052 100644 --- a/doc/log.txt +++ b/doc/log.txt @@ -1,22 +1,32 @@ -* 1.9.11-dev, ????-??-?? - - Update Skein-512 to match the v1.3 specification +* 1.9.11, 2010-11-29 + - Many SSL/TLS APIs have changed. This API is still unstable. + - The SSL interface requires TR1 (uses std::tr1::function) - Fix SSL handshake failures when using RC4 ciphersuites - Fix a number of CRL encoding and decoding bugs + - Counter mode now always encrypts 256 blocks in parallel + - Code where u32bit was used to represent a length now uses size_t - Use small tables in the first round of AES + - Removed AES class: app must choose AES-128, AES-192, or AES-256 - Add hex encoding/decoding functions that can be used without a Pipe - Add base64 encoding functions that can be used without a Pipe + - Add to_string function to X509_Certificate - Add support for dynamic engine loading on Windows - - Allow using PBKDF2 with empty passphrases - - Switch default PKCS #8 encryption algorithm from AES-128 to AES-256 - - Support use of HMAC(SHA-256) and CMAC(Blowfish) in passhash9 - - Use size_t instead of u32bit for length fields - Replace BlockCipher::BLOCK_SIZE attribute with function block_size() - Replace HashFunction::HASH_BLOCK_SIZE attribute with hash_block_size() - Changed semantics of MemoryRegion::resize and clear to match STL - Removed MemoryRegion::append, replaced by push_back and operator+= + - Move PBKDF lookup to engine system + - The IDEA key schedule has been changed to run in constant time + - Avoid a possible timing vulnerability in Montgomery reduction + - Add Algorithm and Key_Length_Specification classes + - Switch default PKCS #8 encryption algorithm from AES-128 to AES-256 + - Update Skein-512 to match the v1.3 specification + - Allow using PBKDF2 with empty passphrases + - Add compile-time deprecation warnings for GCC, Clang, and MSVC + - Support use of HMAC(SHA-256) and CMAC(Blowfish) in passhash9 - Improve support for Intel Atom processors - - Fix compilation under Sun Studio + - Fix compilation problems under Sun Studio and Clang * 1.8.11, 2010-11-02 - Fix a number of CRL encoding and decoding bugs diff --git a/readme.txt b/readme.txt index aea851d11..7089adaaf 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -Botan 1.9.11-dev, ????-??-?? +Botan 1.9.11, 2010-11-29 http://botan.randombit.net/ Botan is a C++ class library for performing a wide variety of diff --git a/src/algo_base/algo_base.h b/src/algo_base/algo_base.h index c27ea1809..813216a36 100644 --- a/src/algo_base/algo_base.h +++ b/src/algo_base/algo_base.h @@ -1,6 +1,6 @@ /* -* Symmetric Algorithm Base Class -* (C) 1999-2007 Jack Lloyd +* Algorithm Base Class +* (C) 2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -14,18 +14,13 @@ namespace Botan { /** -* This class represents a symmetric algorithm object. +* This class represents an algorithm of some kind */ class BOTAN_DLL Algorithm { public: /** - * Make a new object representing the same algorithm as *this - */ - virtual Algorithm* clone() const = 0; - - /** * Zeroize internal state */ virtual void clear() = 0; diff --git a/src/asn1/x509_dn.cpp b/src/asn1/x509_dn.cpp index 0deed1a70..984645cfe 100644 --- a/src/asn1/x509_dn.cpp +++ b/src/asn1/x509_dn.cpp @@ -104,35 +104,6 @@ std::vector<std::string> X509_DN::get_attribute(const std::string& attr) const } /* -* Handle the decoding operation of a DN -*/ -void X509_DN::do_decode(const MemoryRegion<byte>& bits) - { - BER_Decoder sequence(bits); - - while(sequence.more_items()) - { - BER_Decoder rdn = sequence.start_cons(SET); - - while(rdn.more_items()) - { - OID oid; - ASN1_String str; - - rdn.start_cons(SEQUENCE) - .decode(oid) - .decode(str) - .verify_end() - .end_cons(); - - add_attribute(oid, str.value()); - } - } - - dn_bits = bits; - } - -/* * Return the BER encoded data, if any */ MemoryVector<byte> X509_DN::get_bits() const @@ -259,12 +230,12 @@ void X509_DN::encode_into(DER_Encoder& der) const der.raw_bytes(dn_bits); else { - do_ava(der, dn_info, PRINTABLE_STRING, "X520.Country", true); + do_ava(der, dn_info, PRINTABLE_STRING, "X520.Country"); do_ava(der, dn_info, DIRECTORY_STRING, "X520.State"); do_ava(der, dn_info, DIRECTORY_STRING, "X520.Locality"); do_ava(der, dn_info, DIRECTORY_STRING, "X520.Organization"); do_ava(der, dn_info, DIRECTORY_STRING, "X520.OrganizationalUnit"); - do_ava(der, dn_info, DIRECTORY_STRING, "X520.CommonName", true); + do_ava(der, dn_info, DIRECTORY_STRING, "X520.CommonName"); do_ava(der, dn_info, PRINTABLE_STRING, "X520.SerialNumber"); } @@ -276,13 +247,34 @@ void X509_DN::encode_into(DER_Encoder& der) const */ void X509_DN::decode_from(BER_Decoder& source) { - dn_info.clear(); + MemoryVector<byte> bits; source.start_cons(SEQUENCE) - .raw_bytes(dn_bits) + .raw_bytes(bits) .end_cons(); - do_decode(dn_bits); + BER_Decoder sequence(bits); + + while(sequence.more_items()) + { + BER_Decoder rdn = sequence.start_cons(SET); + + while(rdn.more_items()) + { + OID oid; + ASN1_String str; + + rdn.start_cons(SEQUENCE) + .decode(oid) + .decode(str) + .verify_end() + .end_cons(); + + add_attribute(oid, str.value()); + } + } + + dn_bits = bits; } } diff --git a/src/asn1/x509_dn.h b/src/asn1/x509_dn.h index c4fc2d17b..3f63eb49c 100644 --- a/src/asn1/x509_dn.h +++ b/src/asn1/x509_dn.h @@ -34,7 +34,6 @@ class BOTAN_DLL X509_DN : public ASN1_Object static std::string deref_info_field(const std::string&); - void do_decode(const MemoryRegion<byte>&); MemoryVector<byte> get_bits() const; X509_DN(); diff --git a/src/block/idea_sse2/idea_sse2.cpp b/src/block/idea_sse2/idea_sse2.cpp index 469a33943..f2c770103 100644 --- a/src/block/idea_sse2/idea_sse2.cpp +++ b/src/block/idea_sse2/idea_sse2.cpp @@ -16,7 +16,7 @@ inline __m128i mul(__m128i X, u16bit K_16) { const __m128i zeros = _mm_set1_epi16(0); const __m128i ones = _mm_set1_epi16(1); - const __m128i high_bit = _mm_set1_epi16(0x8000); + const __m128i high_bit = _mm_set1_epi16(-32767); // 0x8000 const __m128i K = _mm_set1_epi16(K_16); diff --git a/src/block/safer/safe_tab.cpp b/src/block/safer/safe_tab.cpp deleted file mode 100644 index e265a40eb..000000000 --- a/src/block/safer/safe_tab.cpp +++ /dev/null @@ -1,121 +0,0 @@ -/* -* S-Box Tables for SAFER-SK -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/safer_sk.h> - -namespace Botan { - -const byte SAFER_SK::EXP[256] = { - 0x01, 0x2D, 0xE2, 0x93, 0xBE, 0x45, 0x15, 0xAE, 0x78, 0x03, 0x87, 0xA4, - 0xB8, 0x38, 0xCF, 0x3F, 0x08, 0x67, 0x09, 0x94, 0xEB, 0x26, 0xA8, 0x6B, - 0xBD, 0x18, 0x34, 0x1B, 0xBB, 0xBF, 0x72, 0xF7, 0x40, 0x35, 0x48, 0x9C, - 0x51, 0x2F, 0x3B, 0x55, 0xE3, 0xC0, 0x9F, 0xD8, 0xD3, 0xF3, 0x8D, 0xB1, - 0xFF, 0xA7, 0x3E, 0xDC, 0x86, 0x77, 0xD7, 0xA6, 0x11, 0xFB, 0xF4, 0xBA, - 0x92, 0x91, 0x64, 0x83, 0xF1, 0x33, 0xEF, 0xDA, 0x2C, 0xB5, 0xB2, 0x2B, - 0x88, 0xD1, 0x99, 0xCB, 0x8C, 0x84, 0x1D, 0x14, 0x81, 0x97, 0x71, 0xCA, - 0x5F, 0xA3, 0x8B, 0x57, 0x3C, 0x82, 0xC4, 0x52, 0x5C, 0x1C, 0xE8, 0xA0, - 0x04, 0xB4, 0x85, 0x4A, 0xF6, 0x13, 0x54, 0xB6, 0xDF, 0x0C, 0x1A, 0x8E, - 0xDE, 0xE0, 0x39, 0xFC, 0x20, 0x9B, 0x24, 0x4E, 0xA9, 0x98, 0x9E, 0xAB, - 0xF2, 0x60, 0xD0, 0x6C, 0xEA, 0xFA, 0xC7, 0xD9, 0x00, 0xD4, 0x1F, 0x6E, - 0x43, 0xBC, 0xEC, 0x53, 0x89, 0xFE, 0x7A, 0x5D, 0x49, 0xC9, 0x32, 0xC2, - 0xF9, 0x9A, 0xF8, 0x6D, 0x16, 0xDB, 0x59, 0x96, 0x44, 0xE9, 0xCD, 0xE6, - 0x46, 0x42, 0x8F, 0x0A, 0xC1, 0xCC, 0xB9, 0x65, 0xB0, 0xD2, 0xC6, 0xAC, - 0x1E, 0x41, 0x62, 0x29, 0x2E, 0x0E, 0x74, 0x50, 0x02, 0x5A, 0xC3, 0x25, - 0x7B, 0x8A, 0x2A, 0x5B, 0xF0, 0x06, 0x0D, 0x47, 0x6F, 0x70, 0x9D, 0x7E, - 0x10, 0xCE, 0x12, 0x27, 0xD5, 0x4C, 0x4F, 0xD6, 0x79, 0x30, 0x68, 0x36, - 0x75, 0x7D, 0xE4, 0xED, 0x80, 0x6A, 0x90, 0x37, 0xA2, 0x5E, 0x76, 0xAA, - 0xC5, 0x7F, 0x3D, 0xAF, 0xA5, 0xE5, 0x19, 0x61, 0xFD, 0x4D, 0x7C, 0xB7, - 0x0B, 0xEE, 0xAD, 0x4B, 0x22, 0xF5, 0xE7, 0x73, 0x23, 0x21, 0xC8, 0x05, - 0xE1, 0x66, 0xDD, 0xB3, 0x58, 0x69, 0x63, 0x56, 0x0F, 0xA1, 0x31, 0x95, - 0x17, 0x07, 0x3A, 0x28 }; - -const byte SAFER_SK::LOG[512] = { - 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, 0x10, 0x12, 0x9F, 0xE4, - 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, 0x4F, 0x06, 0x94, 0xFC, - 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, 0x70, 0xED, 0xE8, 0xEC, - 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, 0x44, 0x01, 0xAC, 0x25, - 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, 0x0D, 0x6E, 0xFE, 0x26, - 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, 0x98, 0x05, 0x9C, 0xBB, - 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, 0xAF, 0x24, 0x5B, 0x87, - 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, 0x5C, 0x8B, 0xD5, 0x54, - 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, 0xCA, 0xF5, 0xD1, 0x17, - 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, 0xAE, 0xCC, 0xD6, 0x35, - 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, 0xD0, 0x50, 0x59, 0x3F, - 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, 0x4C, 0x2E, 0x6B, 0x9E, - 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, 0x75, 0x4A, 0x91, 0x71, - 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, 0x0B, 0xDC, 0x37, 0x31, - 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, 0xA4, 0x2F, 0x46, 0xF3, - 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, 0x85, 0x18, 0x04, 0x1D, - 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, 0xEE, 0x8D, 0x53, 0x4B, - 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, 0x81, 0xC4, 0xC7, 0x36, - 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, 0x6D, 0xF0, 0x02, 0x28, - 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, 0x86, 0xCF, 0xE5, 0x42, - 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, 0x92, 0x90, 0x7D, 0x39, - 0x6F, 0xE0, 0x89, 0x30, 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, - 0x10, 0x12, 0x9F, 0xE4, 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, - 0x4F, 0x06, 0x94, 0xFC, 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, - 0x70, 0xED, 0xE8, 0xEC, 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, - 0x44, 0x01, 0xAC, 0x25, 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, - 0x0D, 0x6E, 0xFE, 0x26, 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, - 0x98, 0x05, 0x9C, 0xBB, 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, - 0xAF, 0x24, 0x5B, 0x87, 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, - 0x5C, 0x8B, 0xD5, 0x54, 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, - 0xCA, 0xF5, 0xD1, 0x17, 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, - 0xAE, 0xCC, 0xD6, 0x35, 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, - 0xD0, 0x50, 0x59, 0x3F, 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, - 0x4C, 0x2E, 0x6B, 0x9E, 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, - 0x75, 0x4A, 0x91, 0x71, 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, - 0x0B, 0xDC, 0x37, 0x31, 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, - 0xA4, 0x2F, 0x46, 0xF3, 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, - 0x85, 0x18, 0x04, 0x1D, 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, - 0xEE, 0x8D, 0x53, 0x4B, 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, - 0x81, 0xC4, 0xC7, 0x36, 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, - 0x6D, 0xF0, 0x02, 0x28, 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, - 0x86, 0xCF, 0xE5, 0x42, 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, - 0x92, 0x90, 0x7D, 0x39, 0x6F, 0xE0, 0x89, 0x30 }; - -const byte SAFER_SK::BIAS[208] = { - 0x16, 0x73, 0x3B, 0x1E, 0x8E, 0x70, 0xBD, 0x86, 0x47, 0x7E, 0x24, 0x56, - 0xF1, 0x77, 0x88, 0x46, 0xB1, 0xBA, 0xA3, 0xB7, 0x10, 0x0A, 0xC5, 0x37, - 0xC9, 0x5A, 0x28, 0xAC, 0x64, 0xA5, 0xEC, 0xAB, 0xC6, 0x67, 0x95, 0x58, - 0x0D, 0xF8, 0x9A, 0xF6, 0x66, 0xDC, 0x05, 0x3D, 0xD3, 0x8A, 0xC3, 0xD8, - 0x6A, 0xE9, 0x36, 0x49, 0x43, 0xBF, 0xEB, 0xD4, 0x9B, 0x68, 0xA0, 0x65, - 0x5D, 0x57, 0x92, 0x1F, 0x71, 0x5C, 0xBB, 0x22, 0xC1, 0xBE, 0x7B, 0xBC, - 0x63, 0x94, 0x5F, 0x2A, 0x61, 0xB8, 0x34, 0x32, 0xFD, 0xFB, 0x17, 0x40, - 0xE6, 0x51, 0x1D, 0x41, 0x8F, 0x29, 0xDD, 0x04, 0x80, 0xDE, 0xE7, 0x31, - 0x7F, 0x01, 0xA2, 0xF7, 0x39, 0xDA, 0x6F, 0x23, 0xFE, 0x3A, 0xD0, 0x1C, - 0xD1, 0x30, 0x3E, 0x12, 0xCD, 0x0F, 0xE0, 0xA8, 0xAF, 0x82, 0x59, 0x2C, - 0x7D, 0xAD, 0xB2, 0xEF, 0xC2, 0x87, 0xCE, 0x75, 0x13, 0x02, 0x90, 0x4F, - 0x2E, 0x72, 0x33, 0x85, 0x8D, 0xCF, 0xA9, 0x81, 0xE2, 0xC4, 0x27, 0x2F, - 0x7A, 0x9F, 0x52, 0xE1, 0x15, 0x38, 0x2B, 0xFC, 0x42, 0xC7, 0x08, 0xE4, - 0x09, 0x55, 0x5E, 0x8C, 0x76, 0x60, 0xFF, 0xDF, 0xD7, 0x98, 0xFA, 0x0B, - 0x00, 0x1A, 0xF9, 0xA6, 0xB9, 0xE8, 0x9E, 0x62, 0xD9, 0x91, 0x50, 0xD2, - 0xEE, 0x18, 0xB4, 0x07, 0xEA, 0x5B, 0xA4, 0xC8, 0x0E, 0xCB, 0x48, 0x69, - 0x4E, 0x9C, 0x35, 0x79, 0x45, 0x4D, 0x54, 0xE5, 0x3C, 0x0C, 0x4A, 0x8B, - 0x3F, 0xCC, 0xA7, 0xDB }; - -const byte SAFER_SK::KEY_INDEX[208] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x02, 0x03, 0x04, 0x05, - 0x06, 0x07, 0x08, 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, - 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x0E, 0x0F, 0x10, 0x11, - 0x09, 0x0A, 0x0B, 0x0C, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, - 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x08, 0x00, 0x01, 0x02, - 0x03, 0x04, 0x05, 0x06, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F }; - -} diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp index 1d103040d..5275a0781 100644 --- a/src/block/safer/safer_sk.cpp +++ b/src/block/safer/safer_sk.cpp @@ -12,6 +12,79 @@ namespace Botan { +namespace { + +const byte EXP[256] = { + 0x01, 0x2D, 0xE2, 0x93, 0xBE, 0x45, 0x15, 0xAE, 0x78, 0x03, 0x87, 0xA4, + 0xB8, 0x38, 0xCF, 0x3F, 0x08, 0x67, 0x09, 0x94, 0xEB, 0x26, 0xA8, 0x6B, + 0xBD, 0x18, 0x34, 0x1B, 0xBB, 0xBF, 0x72, 0xF7, 0x40, 0x35, 0x48, 0x9C, + 0x51, 0x2F, 0x3B, 0x55, 0xE3, 0xC0, 0x9F, 0xD8, 0xD3, 0xF3, 0x8D, 0xB1, + 0xFF, 0xA7, 0x3E, 0xDC, 0x86, 0x77, 0xD7, 0xA6, 0x11, 0xFB, 0xF4, 0xBA, + 0x92, 0x91, 0x64, 0x83, 0xF1, 0x33, 0xEF, 0xDA, 0x2C, 0xB5, 0xB2, 0x2B, + 0x88, 0xD1, 0x99, 0xCB, 0x8C, 0x84, 0x1D, 0x14, 0x81, 0x97, 0x71, 0xCA, + 0x5F, 0xA3, 0x8B, 0x57, 0x3C, 0x82, 0xC4, 0x52, 0x5C, 0x1C, 0xE8, 0xA0, + 0x04, 0xB4, 0x85, 0x4A, 0xF6, 0x13, 0x54, 0xB6, 0xDF, 0x0C, 0x1A, 0x8E, + 0xDE, 0xE0, 0x39, 0xFC, 0x20, 0x9B, 0x24, 0x4E, 0xA9, 0x98, 0x9E, 0xAB, + 0xF2, 0x60, 0xD0, 0x6C, 0xEA, 0xFA, 0xC7, 0xD9, 0x00, 0xD4, 0x1F, 0x6E, + 0x43, 0xBC, 0xEC, 0x53, 0x89, 0xFE, 0x7A, 0x5D, 0x49, 0xC9, 0x32, 0xC2, + 0xF9, 0x9A, 0xF8, 0x6D, 0x16, 0xDB, 0x59, 0x96, 0x44, 0xE9, 0xCD, 0xE6, + 0x46, 0x42, 0x8F, 0x0A, 0xC1, 0xCC, 0xB9, 0x65, 0xB0, 0xD2, 0xC6, 0xAC, + 0x1E, 0x41, 0x62, 0x29, 0x2E, 0x0E, 0x74, 0x50, 0x02, 0x5A, 0xC3, 0x25, + 0x7B, 0x8A, 0x2A, 0x5B, 0xF0, 0x06, 0x0D, 0x47, 0x6F, 0x70, 0x9D, 0x7E, + 0x10, 0xCE, 0x12, 0x27, 0xD5, 0x4C, 0x4F, 0xD6, 0x79, 0x30, 0x68, 0x36, + 0x75, 0x7D, 0xE4, 0xED, 0x80, 0x6A, 0x90, 0x37, 0xA2, 0x5E, 0x76, 0xAA, + 0xC5, 0x7F, 0x3D, 0xAF, 0xA5, 0xE5, 0x19, 0x61, 0xFD, 0x4D, 0x7C, 0xB7, + 0x0B, 0xEE, 0xAD, 0x4B, 0x22, 0xF5, 0xE7, 0x73, 0x23, 0x21, 0xC8, 0x05, + 0xE1, 0x66, 0xDD, 0xB3, 0x58, 0x69, 0x63, 0x56, 0x0F, 0xA1, 0x31, 0x95, + 0x17, 0x07, 0x3A, 0x28 }; + +const byte LOG[512] = { + 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, 0x10, 0x12, 0x9F, 0xE4, + 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, 0x4F, 0x06, 0x94, 0xFC, + 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, 0x70, 0xED, 0xE8, 0xEC, + 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, 0x44, 0x01, 0xAC, 0x25, + 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, 0x0D, 0x6E, 0xFE, 0x26, + 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, 0x98, 0x05, 0x9C, 0xBB, + 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, 0xAF, 0x24, 0x5B, 0x87, + 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, 0x5C, 0x8B, 0xD5, 0x54, + 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, 0xCA, 0xF5, 0xD1, 0x17, + 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, 0xAE, 0xCC, 0xD6, 0x35, + 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, 0xD0, 0x50, 0x59, 0x3F, + 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, 0x4C, 0x2E, 0x6B, 0x9E, + 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, 0x75, 0x4A, 0x91, 0x71, + 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, 0x0B, 0xDC, 0x37, 0x31, + 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, 0xA4, 0x2F, 0x46, 0xF3, + 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, 0x85, 0x18, 0x04, 0x1D, + 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, 0xEE, 0x8D, 0x53, 0x4B, + 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, 0x81, 0xC4, 0xC7, 0x36, + 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, 0x6D, 0xF0, 0x02, 0x28, + 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, 0x86, 0xCF, 0xE5, 0x42, + 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, 0x92, 0x90, 0x7D, 0x39, + 0x6F, 0xE0, 0x89, 0x30, 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, + 0x10, 0x12, 0x9F, 0xE4, 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, + 0x4F, 0x06, 0x94, 0xFC, 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, + 0x70, 0xED, 0xE8, 0xEC, 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, + 0x44, 0x01, 0xAC, 0x25, 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, + 0x0D, 0x6E, 0xFE, 0x26, 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, + 0x98, 0x05, 0x9C, 0xBB, 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, + 0xAF, 0x24, 0x5B, 0x87, 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, + 0x5C, 0x8B, 0xD5, 0x54, 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, + 0xCA, 0xF5, 0xD1, 0x17, 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, + 0xAE, 0xCC, 0xD6, 0x35, 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, + 0xD0, 0x50, 0x59, 0x3F, 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, + 0x4C, 0x2E, 0x6B, 0x9E, 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, + 0x75, 0x4A, 0x91, 0x71, 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, + 0x0B, 0xDC, 0x37, 0x31, 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, + 0xA4, 0x2F, 0x46, 0xF3, 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, + 0x85, 0x18, 0x04, 0x1D, 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, + 0xEE, 0x8D, 0x53, 0x4B, 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, + 0x81, 0xC4, 0xC7, 0x36, 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, + 0x6D, 0xF0, 0x02, 0x28, 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, + 0x86, 0xCF, 0xE5, 0x42, 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, + 0x92, 0x90, 0x7D, 0x39, 0x6F, 0xE0, 0x89, 0x30 }; + +} + /* * SAFER-SK Encryption */ @@ -95,6 +168,46 @@ void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const */ void SAFER_SK::key_schedule(const byte key[], size_t) { + const byte BIAS[208] = { + 0x16, 0x73, 0x3B, 0x1E, 0x8E, 0x70, 0xBD, 0x86, 0x47, 0x7E, 0x24, 0x56, + 0xF1, 0x77, 0x88, 0x46, 0xB1, 0xBA, 0xA3, 0xB7, 0x10, 0x0A, 0xC5, 0x37, + 0xC9, 0x5A, 0x28, 0xAC, 0x64, 0xA5, 0xEC, 0xAB, 0xC6, 0x67, 0x95, 0x58, + 0x0D, 0xF8, 0x9A, 0xF6, 0x66, 0xDC, 0x05, 0x3D, 0xD3, 0x8A, 0xC3, 0xD8, + 0x6A, 0xE9, 0x36, 0x49, 0x43, 0xBF, 0xEB, 0xD4, 0x9B, 0x68, 0xA0, 0x65, + 0x5D, 0x57, 0x92, 0x1F, 0x71, 0x5C, 0xBB, 0x22, 0xC1, 0xBE, 0x7B, 0xBC, + 0x63, 0x94, 0x5F, 0x2A, 0x61, 0xB8, 0x34, 0x32, 0xFD, 0xFB, 0x17, 0x40, + 0xE6, 0x51, 0x1D, 0x41, 0x8F, 0x29, 0xDD, 0x04, 0x80, 0xDE, 0xE7, 0x31, + 0x7F, 0x01, 0xA2, 0xF7, 0x39, 0xDA, 0x6F, 0x23, 0xFE, 0x3A, 0xD0, 0x1C, + 0xD1, 0x30, 0x3E, 0x12, 0xCD, 0x0F, 0xE0, 0xA8, 0xAF, 0x82, 0x59, 0x2C, + 0x7D, 0xAD, 0xB2, 0xEF, 0xC2, 0x87, 0xCE, 0x75, 0x13, 0x02, 0x90, 0x4F, + 0x2E, 0x72, 0x33, 0x85, 0x8D, 0xCF, 0xA9, 0x81, 0xE2, 0xC4, 0x27, 0x2F, + 0x7A, 0x9F, 0x52, 0xE1, 0x15, 0x38, 0x2B, 0xFC, 0x42, 0xC7, 0x08, 0xE4, + 0x09, 0x55, 0x5E, 0x8C, 0x76, 0x60, 0xFF, 0xDF, 0xD7, 0x98, 0xFA, 0x0B, + 0x00, 0x1A, 0xF9, 0xA6, 0xB9, 0xE8, 0x9E, 0x62, 0xD9, 0x91, 0x50, 0xD2, + 0xEE, 0x18, 0xB4, 0x07, 0xEA, 0x5B, 0xA4, 0xC8, 0x0E, 0xCB, 0x48, 0x69, + 0x4E, 0x9C, 0x35, 0x79, 0x45, 0x4D, 0x54, 0xE5, 0x3C, 0x0C, 0x4A, 0x8B, + 0x3F, 0xCC, 0xA7, 0xDB }; + + const byte KEY_INDEX[208] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, + 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, + 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x02, 0x03, 0x04, 0x05, + 0x06, 0x07, 0x08, 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, + 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x0E, 0x0F, 0x10, 0x11, + 0x09, 0x0A, 0x0B, 0x0C, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x08, 0x00, 0x01, 0x02, + 0x03, 0x04, 0x05, 0x06, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, + 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, + 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F }; + SecureVector<byte> KB(18); for(size_t i = 0; i != 8; ++i) diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h index 803afffa0..564ea5c50 100644 --- a/src/block/safer/safer_sk.h +++ b/src/block/safer/safer_sk.h @@ -34,11 +34,6 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> size_t get_rounds() const { return (EK.size() - 8) / 16; } void key_schedule(const byte[], size_t); - static const byte EXP[256]; - static const byte LOG[512]; - static const byte BIAS[208]; - static const byte KEY_INDEX[208]; - SecureVector<byte> EK; }; diff --git a/src/build-data/cc/clang.txt b/src/build-data/cc/clang.txt index fde720d18..14c51349c 100644 --- a/src/build-data/cc/clang.txt +++ b/src/build-data/cc/clang.txt @@ -30,6 +30,7 @@ default -> "$(CXX) -shared -fPIC -Wl,-soname,$(SONAME)" <mach_opt> amd64 -> "-march=SUBMODEL" +nehalem -> "-march=core2 -mssse3 -msse4.1" </mach_opt> <mach_abi_linking> diff --git a/src/cert/cvc/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp index dba2ece8d..1b3940250 100644 --- a/src/cert/cvc/ecdsa_sig.cpp +++ b/src/cert/cvc/ecdsa_sig.cpp @@ -32,7 +32,8 @@ MemoryVector<byte> ECDSA_Signature::DER_encode() const MemoryVector<byte> ECDSA_Signature::get_concatenation() const { - u32bit enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes(); // use the larger + // use the larger + const size_t enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes(); SecureVector<byte> sv_r = BigInt::encode_1363(m_r, enc_len); SecureVector<byte> sv_s = BigInt::encode_1363(m_s, enc_len); diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp index 7c0e103d1..14b5240cf 100644 --- a/src/cert/x509ca/x509_ca.cpp +++ b/src/cert/x509ca/x509_ca.cpp @@ -94,7 +94,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer, const Extensions& extensions) { const u32bit X509_CERT_VERSION = 3; - const size_t SERIAL_BITS = 128; + const size_t SERIAL_BITS = 256; BigInt serial_no(rng, SERIAL_BITS); diff --git a/src/cert/x509cert/x509cert.cpp b/src/cert/x509cert/x509cert.cpp index e3844e8e9..05a459c1f 100644 --- a/src/cert/x509cert/x509cert.cpp +++ b/src/cert/x509cert/x509cert.cpp @@ -1,6 +1,6 @@ /* * X.509 Certificates -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -14,7 +14,10 @@ #include <botan/bigint.h> #include <botan/oids.h> #include <botan/pem.h> +#include <botan/hex.h> #include <algorithm> +#include <iterator> +#include <sstream> namespace Botan { @@ -295,6 +298,106 @@ bool operator!=(const X509_Certificate& cert1, const X509_Certificate& cert2) return !(cert1 == cert2); } +std::string X509_Certificate::to_string() const + { + const char* dn_fields[] = { "Name", + "Email", + "Organization", + "Organizational Unit", + "Locality", + "State", + "Country", + "IP", + "DNS", + "URI", + "PKIX.XMPPAddr", + 0 }; + + std::ostringstream out; + + for(size_t i = 0; dn_fields[i]; ++i) + { + const std::vector<std::string> vals = this->subject_info(dn_fields[i]); + + if(vals.empty()) + continue; + + out << "Subject " << dn_fields[i] << ":"; + for(size_t i = 0; i != vals.size(); ++i) + out << " " << vals[i]; + out << "\n"; + } + + for(size_t i = 0; dn_fields[i]; ++i) + { + const std::vector<std::string> vals = this->issuer_info(dn_fields[i]); + + if(vals.empty()) + continue; + + out << "Issuer " << dn_fields[i] << ":"; + for(size_t i = 0; i != vals.size(); ++i) + out << " " << vals[i]; + out << "\n"; + } + + out << "Version: " << this->x509_version() << "\n"; + + out << "Not valid before: " << this->start_time() << "\n"; + out << "Not valid after: " << this->end_time() << "\n"; + + out << "Constraints:\n"; + Key_Constraints constraints = this->constraints(); + if(constraints == NO_CONSTRAINTS) + out << " None\n"; + else + { + if(constraints & DIGITAL_SIGNATURE) + out << " Digital Signature\n"; + if(constraints & NON_REPUDIATION) + out << " Non-Repuidation\n"; + if(constraints & KEY_ENCIPHERMENT) + out << " Key Encipherment\n"; + if(constraints & DATA_ENCIPHERMENT) + out << " Data Encipherment\n"; + if(constraints & KEY_AGREEMENT) + out << " Key Agreement\n"; + if(constraints & KEY_CERT_SIGN) + out << " Cert Sign\n"; + if(constraints & CRL_SIGN) + out << " CRL Sign\n"; + } + + std::vector<std::string> policies = this->policies(); + if(policies.size()) + { + out << "Policies: " << "\n"; + for(u32bit j = 0; j != policies.size(); j++) + out << " " << policies[j] << "\n"; + } + + std::vector<std::string> ex_constraints = this->ex_constraints(); + if(ex_constraints.size()) + { + out << "Extended Constraints:\n"; + for(u32bit j = 0; j != ex_constraints.size(); j++) + out << " " << ex_constraints[j] << "\n"; + } + + out << "Signature algorithm: " << + OIDS::lookup(this->signature_algorithm().oid) << "\n"; + + out << "Serial number: " << hex_encode(this->serial_number()) << "\n"; + out << "Authority keyid: " << hex_encode(this->authority_key_id()) << "\n"; + out << "Subject keyid: " << hex_encode(this->subject_key_id()) << "\n"; + + X509_PublicKey* pubkey = this->subject_public_key(); + out << "Public Key:\n" << X509::PEM_encode(*pubkey); + delete pubkey; + + return out.str(); + } + /* * Create and populate a X509_DN */ diff --git a/src/cert/x509cert/x509cert.h b/src/cert/x509cert/x509cert.h index 754553f3d..8798ef1c2 100644 --- a/src/cert/x509cert/x509cert.h +++ b/src/cert/x509cert/x509cert.h @@ -141,6 +141,11 @@ class BOTAN_DLL X509_Certificate : public X509_Object std::vector<std::string> policies() const; /** + * @return a string describing the certificate + */ + std::string to_string() const; + + /** * Check to certificates for equality. * @return true both certificates are (binary) equal */ diff --git a/src/engine/core_engine/core_modes.cpp b/src/engine/core_engine/core_modes.cpp index 7cf7cf460..035cd41c7 100644 --- a/src/engine/core_engine/core_modes.cpp +++ b/src/engine/core_engine/core_modes.cpp @@ -217,8 +217,7 @@ Keyed_Filter* Core_Engine::get_cipher(const std::string& algo_spec, if(filt) return filt; - throw Algorithm_Not_Found("get_mode: " + cipher_name + "/" + - mode + "/" + padding); + throw Algorithm_Not_Found(cipher_name + "/" + mode + "/" + padding); } } diff --git a/src/filters/modes/mode_pad/mode_pad.cpp b/src/filters/modes/mode_pad/mode_pad.cpp index 5d3a152d6..7809a122f 100644 --- a/src/filters/modes/mode_pad/mode_pad.cpp +++ b/src/filters/modes/mode_pad/mode_pad.cpp @@ -7,6 +7,7 @@ #include <botan/mode_pad.h> #include <botan/exceptn.h> +#include <botan/internal/assert.h> namespace Botan { @@ -23,8 +24,14 @@ size_t BlockCipherModePaddingMethod::pad_bytes(size_t bs, size_t pos) const */ void PKCS7_Padding::pad(byte block[], size_t size, size_t position) const { + const size_t bytes_remaining = size - position; + const byte pad_value = static_cast<byte>(bytes_remaining); + + BOTAN_ASSERT_EQUAL(pad_value, bytes_remaining, + "Overflow in PKCS7_Padding"); + for(size_t j = 0; j != size; ++j) - block[j] = (size-position); + block[j] = pad_value; } /* diff --git a/src/kdf/ssl_prf/prf_ssl3.cpp b/src/kdf/ssl_prf/prf_ssl3.cpp index 4f7325bde..72cf023e2 100644 --- a/src/kdf/ssl_prf/prf_ssl3.cpp +++ b/src/kdf/ssl_prf/prf_ssl3.cpp @@ -30,7 +30,7 @@ OctetString next_hash(size_t where, size_t want, const byte ASCII_A_CHAR = 0x41; for(size_t j = 0; j != where + 1; j++) - sha1.update(ASCII_A_CHAR + where); + sha1.update(static_cast<byte>(ASCII_A_CHAR + where)); sha1.update(secret, secret_len); sha1.update(seed, seed_len); SecureVector<byte> sha1_hash = sha1.final(); diff --git a/src/pubkey/workfactor.cpp b/src/pubkey/workfactor.cpp index a4d670c82..f3d5d164a 100644 --- a/src/pubkey/workfactor.cpp +++ b/src/pubkey/workfactor.cpp @@ -34,14 +34,14 @@ size_t dl_work_factor(size_t bits) return 190; return 256; #else - const size_t MIN_ESTIMATE = 64; + const double MIN_ESTIMATE = 64; const double log_x = bits / 1.44; const double strength = 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0); - return std::max<size_t>(strength, MIN_ESTIMATE); + return static_cast<size_t>(std::max(strength, MIN_ESTIMATE)); #endif } diff --git a/src/ssl/tls_policy.cpp b/src/ssl/tls_policy.cpp index 38fcf58cc..b73ff7850 100644 --- a/src/ssl/tls_policy.cpp +++ b/src/ssl/tls_policy.cpp @@ -115,12 +115,4 @@ DL_Group TLS_Policy::dh_group() const return DL_Group("modp/ietf/1024"); } -/* -* Default certificate check -*/ -bool TLS_Policy::check_cert(const std::vector<X509_Certificate>& certs) const - { - return true; - } - } diff --git a/src/ssl/tls_policy.h b/src/ssl/tls_policy.h index c5944f0f7..461164d2f 100644 --- a/src/ssl/tls_policy.h +++ b/src/ssl/tls_policy.h @@ -39,10 +39,17 @@ class BOTAN_DLL TLS_Policy virtual DL_Group dh_group() const; virtual size_t rsa_export_keysize() const { return 512; } + /* + * @return the minimum version that we will negotiate + */ virtual Version_Code min_version() const { return SSL_V3; } + + /* + * @return the version we would prefer to negotiate + */ virtual Version_Code pref_version() const { return TLS_V11; } - virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const; + virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const = 0; virtual ~TLS_Policy() {} private: diff --git a/src/utils/assert.h b/src/utils/assert.h index d84f5c7ad..67ca665e3 100644 --- a/src/utils/assert.h +++ b/src/utils/assert.h @@ -16,14 +16,24 @@ void assertion_failure(const char* expr_str, const char* file, int line); -#define BOTAN_ASSERT(expr, msg) \ - do { \ - if(!(expr)) \ - Botan::assertion_failure(#expr, \ - msg, \ - BOTAN_ASSERT_FUNCTION, \ - __FILE__, \ - __LINE__); \ +#define BOTAN_ASSERT(expr, msg) \ + do { \ + if(!(expr)) \ + Botan::assertion_failure(#expr, \ + msg, \ + BOTAN_ASSERT_FUNCTION, \ + __FILE__, \ + __LINE__); \ + } while(0) + +#define BOTAN_ASSERT_EQUAL(value1, value2, msg) \ + do { \ + if(value1 != value2) \ + Botan::assertion_failure(#value1 " == " #value2, \ + msg, \ + BOTAN_ASSERT_FUNCTION, \ + __FILE__, \ + __LINE__); \ } while(0) /* diff --git a/src/utils/cpuid.cpp b/src/utils/cpuid.cpp index c34a99942..30f441bd0 100644 --- a/src/utils/cpuid.cpp +++ b/src/utils/cpuid.cpp @@ -26,7 +26,7 @@ #include <ia32intrin.h> #define CALL_CPUID(type, out) do { __cpuid(out, type); } while(0); -#elif BOTAN_GCC_VERSION >= 430 +#elif (BOTAN_GCC_VERSION >= 430) || defined(BOTAN_BUILD_COMPILER_IS_CLANG) // Only available starting in GCC 4.3 #include <cpuid.h> |